A First Look Into the PhishTank

PhishTank's first monthly report shows the US as the main source of phishing exploits and lists the top ten ISPs hosting phishers

Dark Reading logo in a gray background | Dark Reading

PhishTank, the neighborhood watch site for phishing exploits, has released its first round of monthly statistics on the phishing exploits it collected last month.

Out of the 7,061 suspected phishes submitted to the PhishTank site, 3,678 were confirmed, but another 2,505 went offline before they could be validated by the site.

PhishTank is a public clearinghouse for phishing emails and URLs run by OpenDNS, where users and Web developers can post and track phishes. (See DNS Gets Anti-Phishing Hook and Phishers Launch Zero-Day Exploits.)

David Ulevitch, president of OpenDNS, has touted PhishTank as a way for the public to become part of the process of helping to combat phishing. "Any other system out there is a black box you throw the phish into and you don't know what happens to it." It's free, and anyone can submit a suspected phish, track its status, and help others verify their submissions.

In October, 79 percent of the phishing attempts validated by PhishTank used a domain name, and 21 percent, an IP address.

Which brands were by far spoofed the most? You guessed it: PayPal (1,493 phishes) and eBay (1,210 phishes). Next in line were Barclays Bank (321), Fifth Third Bank (203), Volksbanken Raiffeisenbanken (191), Bank of America (188), Wells Fargo (133), Key Bank (111), JP Morgan Chase (104), and Citibank (48).

The top ten ISPs that hosted the most phishing attempts were (in order): Hanaro Telecom, National Internet Backbone, TELESC Telecomunicacoes de Santa Catarina SA, EMCATEL, Instituto Costarricense de Electricidad y Telecom, CQNET Chongqing Broadband Networks, Futures Cable Television, SAVVIS Savvi, CANTV Servicios, MobiFon S.A.

Demographically, 24 percent of the phishing exploits came from the U.S., 14 percent from South Korea, and 8 percent from India. The rest were spread fairly evenly among China (6 percent), Great Britain (4 percent), Germany (4 percent), Brazil (4 percent), Russia (3 percent), Costa Rica (3 percent), and Columbia (3 percent). Other countries represented less than 2 percent of the phishing exploits, according to the PhishTank numbers.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights